Yahoo Autos MortalKombat ransomware victims can now decrypt their files for free
Romanian cybersecurity firm Bitdefender has released a free decryption tool for MortalKombat, a months-old strain of ransomware targeting predominantly cryptocurrency users.
MortalKombat, named after the popular video game franchise, was first observed by Cisco Talos researchers in January. The researchers said that the financially motivated gang had been deploying the ransomware to steal cryptocurrency from victims in the United States, the United Kingdom, the Philippines and Turkey.
The MortalKombat ransomware is typically spread via phishing emails in which the attackers impersonate CoinPayments, a legitimate global cryptocurrency payment gateway. Once installed on a victim’s machine, the malware seeks out cryptocurrency wallets on the device and monitors the computer’s clipboard for wallet addresses. If a wallet address is found, the address is sent to the attacker’s server and substituted with an attacker-controlled address in an attempt to hijack future transactions.
Though it’s only been active for a few months, Bitdefender on Tuesday announced that it had released a free decryptor for MortalKombat, enabling victims of the ransomware to unscramble their encrypted files for free.
Bitdefender tells TechCrunch that it has also been observing the MortalKombat since January, but said the magnitude of the threat remains unknown.
